Understanding Printer Vulnerabilities

Posted by onJanuary 30, 2018| Featured

We don’t typically think of printers as devices that are vulnerable to cyber-attacks – after all, they just print paper. But the security of devices connected to the Internet of Things (IoT) is a growing concern, and not enough printer manufacturers are taking this issue seriously. In just one recent example , due to press coverage and the nature of the vulnerability, HP was forced to take a recent vulnerability seriously and release an emergency patch—as the vulnerability was remotely exploitable. Unfortunately, though, HP’s quick action is an exception.

What are the effects of these printer vulnerabilities, and what can you do to prevent unauthorized access to your IoT devices?

The Importance of IoT Security

Networked printers and other IoT devices pose a greater cybersecurity threat than most people realize. Without proper network access control, your personal or office printers are vulnerable to a long list of potential cyber-attacks.

For instance, hackers can manipulate documents, access old printer logs in order to obtain sensitive information, or even damage the printer itself. If a corporate printer is attacked, hackers can easily obtain confidential customer information – phone numbers, addresses, social security numbers, and more. Moreover, once an intruder accesses a printer, they can use it as a stepping stone to access other internal systems.

How to Prevent Unauthorized Access

Hackers are constantly searching for unsecured ports and adding them to databases of vulnerable devices. How can you make sure your printer are themselves secure and not being used as a base for a deeper attack?

First, change your printer’s default settings and set administrative passwords. Then, make sure your printer’s firmware is up to date – after a major security breach, most manufacturers will release firmware patches to address the problem.

But while these are good first steps to take, sophisticated hackers aren’t going to let a password stand in their way, and no matter how up to date firmware is, there’s always that next zero-day vulnerability. That’s why the best way to prevent unauthorized access to/from your devices is to invest in network access control technology. Impulse’s SafeConnect is a comprehensive network access control system that can automatically place a device on an isolated network segment (e.g.: a VLAN) to prevent an East/West attack from a printer to other critical devices. Meanwhile, SafeConnect can ensure that only authorized devices are on a network to ensure that the network jack the printer uses is not used as an on ramp to your network.

For more information, request a deep-dive demo from one of our experts today.